3.6 million adults fall for phishing scams

More than a million more users were duped by phishing attacks last year, compared to the year before.

According to e-mail security vendor, BoxSentry, Gartner statistics show 3.6 million adults lost money last year to phishing scams, compared to 2.3 million the year before.

Manish Goel, BoxSentry CEO, told ZDNet.com.au sister site that this is a result of phishing sites growing in sophistication.

"Their methods and techniques of attack are improving faster than the public is being educated and warned -- phishers are using automation and bots to use the Internet to their advantage," said Goel.

Goel added: "According to Gartner, US$3.2 billion was lost as a result of phishing in 2007 in the United States alone."

Quoting findings from the Anti-Phishing Working Group, BoxSentry said November 2007 saw the highest number of hijacked brands ever recorded in a single month.

The report also found some 40 percent of all phishing sites are hosted in Asian countries.

With Asia's rapidly increasing online population, the global impact could "easily be twice that in just a matter of years", added Goel.

Goel said the Internet boom which the region's emerging markets are experiencing is creating an increasing number of new, inexperienced Internet users who fall prey to new attacks.

"This innocence and often blind trust in online messaging poses a challenge. Education of the market in conjunction with governments and media about the potential risks is one approach adopted to increase regional alertness to the issue without necessarily causing undue alarm and providing a reason or an excuse to not 'get connected'," said Goel.

A Symantec report released mid last year found Japan was home to the highest percentage of phishing Web sites in the Asia-Pacific region, a result of their having a high number of small Web hosts, which then become easy targets for phishers because attacks stay unnoticed for longer.

Rod Rasmussen, president and CTO of anti-phishing vendor, Internet Identity, said the company has primarily focused on the US market, but is now seeing a rapid increase in phishing activity beyond North America and Europe.